2007/11/27

Security software quality and a more complete solution

This article is mainly critical about the quality of existing security software, which may or may not be justified. People have a higher expectation of quality when it comes to security software and there have been a number of incidents recently that have been very disillusioning. OTOH, at least AV software tends to mutate fairly rapidly compared with regular software and that reduces the usable attack surface somewhat.

More relevant to me would be that the concept of these pieces of security software being isolated solutions is becoming problematic. While I cant see any meaningful movement in this direction, I do believe that security software will have to become an ecology: each component piece will have to work with the other pieces in a concerted way to defend the network in a far more autonomous fashion than currently is the case.